Linux Plumbers Conference 2020

Name: Linux Plumbers Conference 2020
Start: 2020-08-24T06:45:00-07:00
End: 2020-08-28T16:00:00-07:00
Location: No location set

24–28 Aug 2020

US/Pacific timezone

2020

contact@linuxplumbersconf.org

What's Left After openat2?

24 Aug 2020, 07:05

20m

Microconference1/Virtual-Room (LPC Virtual)

Microconference1/Virtual-Room

LPC Virtual

150

Containers and Checkpoint/Restore MC Containers and Checkpoint/Restore MC

Mr Aleksa Sarai (SUSE LLC)

openat2 landed in Linux 5.6, but unfortunately (though it does make it easier to implement safer container runtimes) there are still quite a few remaining tricks that attackers can use to attack container runtimes. This talk will give a quick overview of the remaining issues, some proposals for how we might fix them, and how libpathrs will make use of them. In addition, a brief update on libpathrs will be given.

Examples of attacks include:

Fake /proc mounts.
Bind-mounting on top of magic-links (such as /proc/$pid/attr/exec).

I agree to abide by the anti-harassment policy	I agree

Linux Plumbers Conference 2020

2020

What's Left After openat2?

Microconference1/Virtual-Room

LPC Virtual

Speaker

Description

Primary author

Presentation materials

Diamond Sponsor

Platinum Sponsors

Gold Sponsors

Silver Sponsors

Catchboxes Sponsor

Conference Services Provided By